Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2024/03/14 12:0 a.m.341 views

JetBrains TeamCity 2023.05.3 - Remote Code Execution Exploit

Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: email protected - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on: 2023.05.3 -...

9.8CVSS7.3AI score0.99979EPSS
Exploits17
0day.today
0day.today
added 2024/02/11 12:0 a.m.341 views

Wordpress Augmented-Reality - Remote Code Execution Unauthenticated Exploit

Exploit Title: Wordpress Augmented-Reality - Remote Code Execution Unauthenticated Date: 2023-09-20 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import requests as req import json import sys import random import uuid import urllib.parse import urllib3 from...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/02/05 12:0 a.m.341 views

PCMan FTP Server 2.0 - (pwd) Remote Buffer Overflow Vulnerability

Exploit Title: PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow Exploit Author: Waqas Ahmed Faroouqi ZEROXINN Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0 Tested on: Windows XP SP3...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/01/09 12:0 a.m.341 views

AdvantechWeb / SCADA 9.1.5U SQL Injection Vulnerability

AdvantechWeb/SCADA version 9.1.5U suffers from a post authentication remote SQL injection vulnerability. ;; PostAuth SQLi in AdvantechWeb/SCADA 9.1.5U ;; ;; found: 28.12.2023 ;; ;; more: ;; https://code610.blogspot.com/2024/01/postauth-sqli-in-advantechwebscada-915u.html ;; POST...

8.7AI score
Exploits0
0day.today
0day.today
added 2023/04/05 12:0 a.m.341 views

Provide Server v.14.4 XSS - CSRF & Remote Code Execution Vulnerabilities

Provide Server v. 14.4 CVE-2023-23286 Vulnerabilities: CWE-79: Improper Neutralization of Input During Web Page Generation Unauthenticated stored XSS in server-log delivered via username field from login-form CWE-352: Cross-Site Request Forgery CSRF-token exposed in javascript, making it possible...

6.1CVSS6.4AI score0.02628EPSS
Exploits4
0day.today
0day.today
added 2023/04/03 12:0 a.m.341 views

GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration) Vulnerability

ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...

9.8CVSS9.2AI score0.0858EPSS
Exploits3
0day.today
0day.today
added 2021/09/27 12:0 a.m.341 views

Simple Attendance System 1.0 Authentication Bypass Exploit

Exploit Title: Simple Attendance System v1.0 - Unauthenticated Add Admin Account Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/03/26 12:0 a.m.341 views

HP ThinPro 6.x / 7.x Privileged Command Injection Vulnerability

HP ThinPro - Privileged command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18910 CVSSv3 score ------------------------------------------------- 7.6...

6.8CVSS1.2AI score0.00672EPSS
Exploits3
0day.today
0day.today
added 2020/03/17 12:0 a.m.341 views

Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution Vulnerabilities

Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities. Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution The HTML version on "Multiple vulnerabilities found in Zyxe...

0.9AI score
Exploits0
0day.today
0day.today
added 2024/03/04 12:0 a.m.341 views

Petrol Pump Management Software v1.0 - (Address) Stored Cross Site Scripting Vulnerability

Exploit Title: Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested...

6.1CVSS6.3AI score0.01307EPSS
Exploits4
0day.today
0day.today
added 2024/01/15 12:0 a.m.340 views

Quick TFTP Server Pro 2.1 Denial Of Service Exploit

!/usr/bin/perl use IO::Socket::INET; Exploit Title: Quick TFTP Server Pro 2.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 12 january 2024 Vendor Homepage: https://www.tallsoft.com/ Download to demo:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/09/06 12:0 a.m.340 views

SolarView Compact 6.00 Remote Command Execution Exploit

This Metasploit module exploits a command injection vulnerability on the SolarView Compact version 6.00 web application via the vulnerable endpoint downloader.php. After exploitation, an attacker will have full access with the same user privileges under which the webserver is running typically as...

9.8CVSS9.8AI score0.99273EPSS
Exploits9
0day.today
0day.today
added 2023/03/29 12:0 a.m.341 views

Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting XSS Author: Bleron Rrustemi Discovery Date: 2022-11-15 Vendor Homepage: https://www.uniview.com/tr/Products/NVR/Easy/NVR301-04S2-P4/ Datasheet:: https://www.uniview.com/download.do?id=1761643 Device Firmware:...

6.8AI score
Exploits0
0day.today
0day.today
added 2021/11/22 12:0 a.m.340 views

Wipro Holmes Orchestrator 20.4.1 File Disclosure Exploit

Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Log File Disclosure Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38283 import requests as rq import argparse import datetime import o...

7.5CVSS7.5AI score0.02412EPSS
Exploits5
0day.today
0day.today
added 2021/11/15 12:0 a.m.340 views

WordPress WPSchoolPress 2.1.16 Plugin - (Multiple) Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin WPSchoolPress 2.1.16 - 'Multiple' Cross Site Scripting XSS Exploit Author: Davide Taraschi Vendor Homepage: https://wpschoolpress.com/ Software Link: https://wpschoolpress.com/free-download/ Version: up to 2.1.17 non included Tested on: Ubuntu 20.04 over WordPress...

4.8CVSS5.7AI score0.02358EPSS
Exploits4
0day.today
0day.today
added 2021/10/18 12:0 a.m.340 views

Company's Recruitment Management System 1.0. - (title) Stored XSS Vulnerability

Exploit Title: Company's Recruitment Management System 1.0. - 'title' Stored Cross-Site Scripting XSS Exploit Author: Aniket Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.340 views

Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service Exploit

Exploit Title: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service PoC Exploit Author: Cem Onat Karagun of Diesec GmBH Vendor Homepage: https://www.google.com/ Version: Google Chrome 80.0.3987.87 Tested on: Windows x64 / Linux Debian x64 / MacOS CVE: CVE-2020-6404 PoC Video:...

8.8CVSS8.3AI score0.02045EPSS
Exploits5
0day.today
0day.today
added 2024/08/08 12:0 a.m.339 views

Open WebUI 0.1.105 File Upload / Path Traversal Vulnerabilities

Title: Open WebUI Arbitrary File Upload + Path Traversal Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt 1. Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-22:...

8.8CVSS8.8AI score0.01003EPSS
Exploits3
0day.today
0day.today
added 2024/06/04 12:0 a.m.339 views

Sitefinity 15.0 - Cross-Site Scripting Vulneraility

Exploit Title: Sitefinity 15.0 - Cross-Site Scripting XSS Exploit Author: Aldi Saputra Wahyudi Vendor Homepage: https://www.progress.com/sitefinity-cms Version:...

5.4CVSS5.5AI score0.01302EPSS
Exploits4
0day.today
0day.today
added 2024/04/21 12:0 a.m.339 views

Flowise 1.6.5 - Authentication Bypass Vulnerability

Exploit Title: Flowise 1.6.5 - Authentication Bypass Exploit Author: Maerifat Majeed Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise/releases Version: 1.6.5 Tested on: mac-os CVE : CVE-2024-31621 The flowise version if req.url.includes'/api/v1/'...

7.6CVSS7.2AI score0.59867EPSS
Exploits4
0day.today
0day.today
added 2024/04/17 12:0 a.m.339 views

pgAdmin 8.3 Remote Code Execution Exploit

pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded from an arbitrary location. This can be used to load a malicious, serialized Python object to execute code within the context of the target...

9.9CVSS7.6AI score0.79326EPSS
Exploits4
0day.today
0day.today
added 2024/03/18 12:0 a.m.339 views

Karaf v4.4.3 Console - Remote Code Execution Exploit

!/usr/bin/python Exploit Title: Karaf v4.4.3 Console RCE Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-karaf-exploits.git Vendor Homepage: https://karaf.apache.org Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/08/29 12:0 a.m.339 views

SPA-Cart eCommerce CMS 1.9.0.3 Cross Site Scripting Vulnerability

Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4547 CWE:...

6.1CVSS7.1AI score0.48533EPSS
Exploits4
0day.today
0day.today
added 2023/07/11 12:0 a.m.339 views

Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Frappe Framework ERPNext 13.4.0 - Remote Code Execution Authenticated Exploit Author: Sander Ferdinand Version: 13.4.0 Vendor Homepage: http://erpnext.org Software Link: https://github.com/frappe/frappe/ Tested on: Ubuntu 22.04 CVE : none Silly sandbox escape. Frappe Framework uses...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/30 12:0 a.m.339 views

Ecommerse v1.0 - Cross-Site Scripting (XSS) Vulnerability

Title: Ecommerse v1.0 - Cross-Site Scripting XSS Author: nu11secur1ty Vendor: https://github.com/winston-dsouza Software: https://github.com/winston-dsouza/ecommerce-website Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/winston-dsouza/ecommerce-website Description:...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/02/28 12:0 a.m.339 views

Osprey Pump Controller 1.0.1 Authentication Bypass Exploit

Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system. !/usr/bin/env python Osprey Pump Controller 1.0.1 Authentication Bypass Credentials Modification Vendor: ProPump and Controls,...

1.3AI score
Exploits0
0day.today
0day.today
added 2022/12/10 12:0 a.m.339 views

Senayan Library Management System 9.4.0 Cross Site Scripting Vulnerability

Title: Senayan Library Management System v9.4.0 a.k.a SLIMS 9 XSS-Reflected- PHPSESSID Hijacking Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://slims.web.id/web/news/rilis-9.4.0/ Reference:...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/09/02 12:0 a.m.339 views

Doctors Appointment System 1.0 Cross Site Scripting / SQL Injection Vulnerabilities

Exploit Title: Doctor's Appointment System v1.0 - Cross-Site Scripting XSS Google Dork: N/A Exploit Author: Abdullah Zaid - @aznull Vendor Homepage: https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html Software Link:...

9.8CVSS0.01793EPSS
Exploits5
0day.today
0day.today
added 2022/06/27 12:0 a.m.339 views

WordPress Weblizar 8.9 Plugin - Backdoor Vulnerability

Exploit Title: WordPress Plugin Weblizar 8.9 - Backdoor Google Dork: 'wp-json/am-member/license' Exploit Author: Sobhan Mahmoodi Vendor Homepage: https://weblizar.com/plugins/school-management/ Version: 8.9 Tested on: windows/linux Vulnerable code: addaction 'restapiinit', function...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/03/09 12:0 a.m.339 views

Webmin 1.984 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Webmin 1.984 - Remote Code Execution Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.webmin.com/ Software Link: https://github.com/webmin/webmin/archive/refs/tags/1.984.zip Version: = 1.984 Tested on: Ubuntu 18 Reference:...

9CVSS8.7AI score0.96977EPSS
Exploits13
0day.today
0day.today
added 2021/11/10 12:0 a.m.339 views

Microsoft OMI Management Interface Authentication Bypass Exploit

This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI management socket that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September...

9.8CVSS7.6AI score0.99723EPSS
Exploits20
0day.today
0day.today
added 2020/07/21 12:0 a.m.339 views

Intellian / Sea Tel / SAILOR VSAT / RedPort maritime Exploit Pack

ever wondered how can someone hack into a ship/vessel/carrier/yacht? well here is the bundle targeting 3 major companies specialized in maritime satellite networks. in this bundle you get Intellian 3 root backdoors seatel 1 DOS sailor 2 sensitive information disclosure redport 1 admin busybox RCE...

6.9AI score
Exploits0
0day.today
0day.today
added 2018/08/16 12:0 a.m.339 views

OpenEMR 5.0.1.3 - Arbitrary File Actions Vulnerability

Exploit for linux platform in category web applications Exploit Title: OpenEMR 5.0.1.3 - Arbitrary File Actions Exploit Author: Joshua Fam Twitter : @Insecurity Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Version: 5.0.1.3 Teste...

7.1AI score0.18208EPSS
Exploits9
0day.today
0day.today
added 2015/02/19 12:0 a.m.339 views

Mail.com Email Remote Authentication bypass 0day Exploit

This 0day Vulnerability can reset any email on mail.com service. Material holder may access any email box. This is private exploit. You can buy it at https://0day.today...

7AI score
Exploits0
0day.today
0day.today
added 2024/02/17 12:0 a.m.338 views

Metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646 !/usr/bin/env python3 import socke...

9.8CVSS7AI score0.97924EPSS
Exploits36
0day.today
0day.today
added 2022/06/21 12:0 a.m.339 views

Gentics CMS 5.36.29 Cross Site Scripting / Deserialization Vulnerability

Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities. ======================================================================= title: Stored Cross-Site Scripting & Unsafe Java Deserializiation product: Gentics CMS vulnerable...

8.8CVSS0.01132EPSS
Exploits3
0day.today
0day.today
added 2020/03/24 12:0 a.m.338 views

Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...

5.5AI score0.04428EPSS
Exploits6
0day.today
0day.today
added 2020/02/24 12:0 a.m.338 views

Android Binder - Use-After-Free Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Android Binder Use-After-Free Exploit", 'Description' = %q , 'License' = MSFLICENSE, 'Author' = 'Jann Horn', discovery and exploit 'Maddie Stone'...

7.8CVSS0.4AI score0.72105EPSS
Exploits28
0day.today
0day.today
added 2015/12/19 12:0 a.m.338 views

Joomla 1.5 - 3.4.5 - HTTP Header Unauthenticated Remote Code Execution Exploit

Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5. By storing user supplied headers in the databases session table it's possible to truncate the input by sending an UTF-8 character. The custom created payload is then executed once the sessi...

7.5CVSS0.3AI score0.98283EPSS
Exploits16
0day.today
0day.today
added 2025/01/30 12:0 a.m.337 views

Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting Vulnerability

Vendor https://quorum.com/about/ Product Quorum onQ OS - 6.0.0.5.2064 Vulnerability Type Reflected Cross Site Scripting XSS Affected Component Login page get parameter 'msg' is vulnerable to Reflected Cross site scripting CVE Reference CVE-2024-44449 Security Issue Cross Site Scripting...

6.1CVSS7.2AI score0.00496EPSS
Exploits2
0day.today
0day.today
added 2024/06/04 12:0 a.m.337 views

Monstra CMS 3.0.4 - Remote Code Execution Exploit

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import re import sys if...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/05/19 12:0 a.m.337 views

Rocket LMS 1.9 - Persistent Cross Site Scripting Vulnerability

Title: Rocket LMS 1.9 - Persistent Cross Site Scripting XSS Exploit Author: Sergio Medeiros Vendor Homepage: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Software Link: https://lms.rocket-soft.org Version: 1.9 Tested on Firefox and Chrome Browsers Patched...

4.8CVSS7.1AI score0.00762EPSS
Exploits4
0day.today
0day.today
added 2024/04/15 12:0 a.m.337 views

BMC Compuware iStrobe Web - 20.13 - Pre-auth Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: Pre-auth RCE on Compuware iStrobe Web Date: 01-08-2023 Exploit Author: trancap Vendor Homepage: https://www.bmc.com/ Version: BMC Compuware iStrobe Web - 20.13 Tested on: zOS CVE : CVE-2023-40304 To exploit this vulnerability you'll need "Guest access" enabled...

7.2AI score
Exploits0
0day.today
0day.today
added 2024/02/19 12:0 a.m.337 views

XAMPP - Buffer Overflow Exploit

Exploit Title: XAMPP v3.3.0 — '.ini' Buffer Overflow Unicode + SEH Author: Talson @Ripp3rdoc Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.0.28/xampp-windows-x64-8.0.28-0-VS16-installer.exe Version: 3.3.0 Tested on: Windows 11 CVE-2023-46517 \ / \ \ /| | || | /| ||...

7AI score
Exploits4
0day.today
0day.today
added 2024/01/08 12:0 a.m.337 views

Linux io_uring __io_uaddr_map() Dangerous Multi-Page Handling Exploit

iouring: iouaddrmap handles multi-page region dangerously iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. A comment in iouaddrmap explains that the imported...

5.5CVSS5.5AI score0.00282EPSS
Exploits3
0day.today
0day.today
added 2023/06/19 12:0 a.m.337 views

Symantec SiteMinder WebAgent v12.52 - Cross-site scripting Vulnerability

Exploit Title: Symantec SiteMinder WebAgent v12.52 - Cross-site scripting XSS Google Dork: N/A Exploit Author: Harshit Joshi Vendor Homepage: https://community.broadcom.com/home Software Link: https://www.broadcom.com/products/identity/siteminder Version: 12.52 Tested on: Linux, Windows CVE:...

6.1CVSS7.1AI score0.03083EPSS
Exploits3
0day.today
0day.today
added 2023/03/27 12:0 a.m.337 views

Clansphere CMS 2011.4 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into the username of the...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/09/20 12:0 a.m.337 views

Blink1Control2 2.2.7 - Weak Password Encryption Exploit

// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const ArgumentParser =...

7.5CVSS7.6AI score0.04386EPSS
Exploits5
0day.today
0day.today
added 2021/10/19 12:0 a.m.337 views

Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection Exploit

Exploit Title: Online Motorcycle Bike Rental System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Chase ComardelleCASO Vendor Homepage: https://www.sourcecodester.com/php/14989/online-motorcycle-bike-rental-system-phpoop-source-code.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/10/22 12:0 a.m.337 views

DirtyCow Local Root Proof Of Concept Exploit

Exploit for linux platform in category local exploits / uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot -pthread $ ./cowroot DirtyCow root privilege escalation Backing up /usr/bin/passwd.. to /tmp/bak Size of binary: 57048 Racing, this may take a while.. /usr/bin/passwd...

7.2CVSS8AI score0.83524EPSS
Exploits82
Total number of security vulnerabilities5000